Author Topic: SECURITY WARNINGS & Notices - Please post them here  (Read 1774079 times)

0 Members and 4 Guests are viewing this topic.

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1874
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5820 on: February 14, 2019, 06:06:29 AM »
Surprised, I haven't seen Avast make any statement regarding this.
This Trojan exploits antivirus software to steal your data
https://www.zdnet.com/article/this-new-malware-exploits-bugs-in-antivirus-software-to-steal-your-data/
Quote
This version injects a malicious module into one of Avast's processes, whereas early versions of the campaign detected Avast and quit. As Avast is the most common antivirus software in the world, this is an effective evasive strategy.
Quote
aswrundll.exe is the Avast Software Runtime Dynamic Link Library that is responsible for running modules for Avast. aswrundll.exe is very similar to Microsoft’s own rundll32.exe - it allows one to execute DLLs by calling their exported functions. The use of aswrundll.exe as a LOLbin has been mentioned in the past year.

https://www.cybereason.com/blog/information-stealing-malware-targeting-brazil

« Last Edit: February 14, 2019, 06:32:36 AM by Be Secure »
PC- Windows10 EDU 64Bit,Avast Free V.19.6.2383,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 60743
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5821 on: February 14, 2019, 06:44:03 AM »
Thanks, I forwarded it...
Win 8.1 [x64] - Avast PremSec 19.8.2393.BUC - CC 5.61 - EEK - Firefox ESR 60.9 [NS/AOS/uBO] - TB 68.1 [EM] - ABS/ACP/ASB/ASL.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1874
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5822 on: February 14, 2019, 12:23:27 PM »
Thanks, I forwarded it...
Thank you.https://www.bleepingcomputer.com/news/security/new-astaroth-trojan-variant-exploits-anti-malware-software-to-steal-info/
Update February 13 2019 20:00 EST: Article updated post-publication with additional comments from Avast:
Quote
We learned today about this particular Astaroth trojan variant analyzed in Cybereason’s report. Since this is not an exploit, there is no obligation for them to provide formal or advance communication. The authors misuse a trusted binary to run the malware, in this case they used an Avast process, probably due to the size of our user base in the target country of Brazil. One important thing to consider is that this is neither an injection nor a privilege escalation. Installed Avast binaries have self-protection mechanisms in place to avoid injections. In this instance, they are using an Avast file to run a binary in a similar way that a DLL using Windows’ rundll32.exe can run. We had previously issued a detection for the malware so all Avast users are protected from this variant. Additionally, we will be implementing changes to our environment to ensure the same process cannot be misused in this way the future.
Hopeing that avast's aswrundll.exe is protected by Avast and it has self-protection mechanism too.


« Last Edit: February 14, 2019, 12:30:31 PM by Be Secure »
PC- Windows10 EDU 64Bit,Avast Free V.19.6.2383,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 36060
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41519
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5824 on: February 14, 2019, 09:20:52 PM »
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 81924
  • No support PMs thanks
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5825 on: February 15, 2019, 01:08:43 AM »
Hacked USB Cable

https://youtu.be/uFcWlqQIOIY

Very sneaky and scary and how to tell.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.7.2388 (build: 19.7.4674.526)/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41519
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5826 on: February 15, 2019, 01:40:51 AM »
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1874
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5827 on: February 15, 2019, 04:34:21 AM »
PC- Windows10 EDU 64Bit,Avast Free V.19.6.2383,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1874
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5828 on: February 16, 2019, 04:57:41 AM »
PC- Windows10 EDU 64Bit,Avast Free V.19.6.2383,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1874
PC- Windows10 EDU 64Bit,Avast Free V.19.6.2383,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 41519
  • 59 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5830 on: February 17, 2019, 05:07:48 PM »
https://selabs.uk/en/reports/consumers
What I instantly noticed is Defenders rating.
Hope Avast is also paying attention.
Free avast! Security Seminar: https://goo.gl/kh3cqR  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1903 64bit, 8 Gig Ram, AvastFree 19.6.xxxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1874
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5831 on: February 17, 2019, 06:30:19 PM »
PC- Windows10 EDU 64Bit,Avast Free V.19.6.2383,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1874
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5832 on: February 18, 2019, 06:36:56 AM »
https://selabs.uk/en/reports/consumers
What I instantly noticed is Defenders rating.
Hope Avast is also paying attention.
Avira Free also ahead of avast!
What is Avast doing? ???
PC- Windows10 EDU 64Bit,Avast Free V.19.6.2383,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline TheSharku

  • Jr. Member
  • **
  • Posts: 68
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5833 on: February 18, 2019, 07:51:10 AM »
Avira Free also ahead of avast!
What is Avast doing? ???
All good anti-viruses are very close in protection, so it's not strange.

Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1874
Re: SECURITY WARNINGS & Notices - Please post them here
« Reply #5834 on: February 18, 2019, 11:46:26 AM »
Avira Free also ahead of avast!
What is Avast doing? ???
All good anti-viruses are very close in protection, so it's not strange.
See PROTECTION ACCURACY:Only 80%
« Last Edit: February 18, 2019, 11:52:27 AM by Be Secure »
PC- Windows10 EDU 64Bit,Avast Free V.19.6.2383,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast